Bugtraq: by date

304 messages starting Jul 01 08 and ending Jul 31 08

Tuesday, 01 July

Re: Rhythmbox Vulnerability wargame89
Endless loop in Soldner 33724 Luigi Auriemma
[SCANIT-2008-002] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs
[USN-617-2] Samba regression Jamie Strandboge
[SCANIT-2008-003] Wordtrans-web Remote Command Execution Vulnerability Scanit Labs
CFP 25C3 - The 25th Chaos Communication Congress 2008 fukami
[SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability Scanit Labs
[ GLSA 200807-01 ] Python: Multiple integer overflows Tobias Heinlein
[security bulletin] HPSBMA02345 SSRT080039 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS) security-alert
[ GLSA 200807-02 ] Motion: Execution of arbitrary code Tobias Heinlein
New Paper: More than 600 million users surf at high risk Stefan Frei
Vuln name: Ruby rb_ary_fill() DOS snagg
RE: New Paper: More than 600 million users surf at high risk Larry Seltzer
RE: New Paper: More than 600 million users surf at high risk Larry Seltzer
Deepsec Talks 2007 are online - registration for 2008 is open DeepSec 2008
Re: Collection of Vulnerabilities in Fully Patched Vim 7.1 Jan Minář
[SECURITY] [DSA 1560-1] New sympa packages fix denial of service Steve Kemp
RE: New Paper: More than 600 million users surf at high risk Paul Schmehl

Wednesday, 02 July

[USN-619-1] Firefox vulnerabilities Jamie Strandboge
[tool] ratproxy - passive web application security assessment tool Michal Zalewski
RE: New Paper: More than 600 million users surf at high risk Nick FitzGerald
ISEC 2008(Information Security Conference) Guide isec
Secunia Research: VLC Media Player WAV Processing Integer Overflow Secunia Research
Release of Pass-The-Hash Toolkit v1.4 Hernan Ochoa
Re: New Paper: More than 600 million users surf at high risk Rob Thompson
Re: New Paper: More than 600 million users surf at high risk Rainer Duffner

Thursday, 03 July

rPSA-2008-0211-1 mercurial mercurial-hgk rPath Update Announcements
rPSA-2008-0212-1 tshark wireshark rPath Update Announcements

Friday, 04 July

[ MDVSA-2008:125 ] - Updated PHP packages fix multiple vulnerabilities security
[ MDVSA-2008:126 ] - Updated PHP packages fix multiple vulnerabilities security
[ MDVSA-2008:127 ] - Updated PHP packages fix multiple vulnerabilities security
[ MDVSA-2008:128 ] - Updated PHP packages fix multiple vulnerabilities security
[SECURITY] [DSA 1601-1] New wordpress packages fix several vulnerabilities Thijs Kinkhorst
Local vulnerability in WeFi Client v3.2.1.4.1(Update) XiaShing
Unauthorized reading confirmation from Outlook Augusto Paes de Barros
[ MDVSA-2008:130 ] - Updated PHP packages fix multiple vulnerabilities security
[ MDVSA-2008:129 ] - Updated PHP packages fix multiple vulnerabilities security
F5 FirePass 1200 SNMP daemon DoS nnposter
Novell GroupWise Messenger Client (GWIM) Remote Stack Overflow [ISR] - Infobyte Security Research
[DSECRG-08-027] Multiple RFI-LFI in 1024 CMS 1.4.3, 1.4.4 RFC Digital Security Research Group [DSecRG]
[ MDVSA-2008:131 ] - Updated phpMyAdmin packages fix multiple vulnerabilities security

Saturday, 05 July

[ MDVSA-2008:132 ] - Updated gnome-screensaver packages fix authentication vulnerability security
[ MDVSA-2008:133 ] - Updated sympa packages fix DoS vulnerability security
[ MDVSA-2008:134 ] - Updated squid packages fix DoS vulnerability security
[ MDVSA-2008:135 ] - Updated gnome-screensaver packages fix authentication vulnerability security
[SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution Florian Weimer

Monday, 07 July

[oCERT-2008-007] libpoppler uninitialized pointer Andrea Barisani
Re: Multiple vulnerabilities in TietoEnator's Procapita school administration system, at least version Juha-Matti Laurio
[ GLSA 200807-03 ] PCRE: Buffer overflow Robert Buchholz
PHP-NUKE SQL Module's Name 4ndvddb lovebug

Tuesday, 08 July

Pwnie Awards 2008 Alexander Sotirov
Call for Papers for the MEITSEC 2008 is now open. Meitsec2008 Conference
Re: Local vulnerability in WeFi Client v3.2.1.4.1(Update) galia
[security bulletin] HPSBMA02348 SSRT080033 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert
[security bulletin] HPSBMA02349 SSRT080043 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data security-alert
[SECURITY] [DSA 1603-1] New bind9 packages fix cache poisoning Florian Weimer
[SECURITY] [DSA 1604-1] BIND 8 deprecation notice Florian Weimer
XSS in admin logs - vBulletin 3.7.2 and lower, vBulletin 3.6.10 PL2 and lower Jessica Hope
[SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver Florian Weimer
[ GLSA 200807-04 ] Poppler: User-assisted execution of arbitrary code Matthias Geerdsen
Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks Cisco Systems Product Security Incident Response Team
iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability iDefense Labs
[USN-622-1] Bind vulnerability Kees Cook
[ MDVSA-2008:136 ] - Updated Firefox packages fix vulnerabilities security
Minneapolis DC612 Meeting July 10th, 2008@6pm David Bryan

Wednesday, 09 July

rPSA-2008-0216-1 firefox rPath Update Announcements
rPSA-2008-0217-1 vsftpd rPath Update Announcements
Re: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability Cesar
[ MDVSA-2008:137 ] - Updated OpenOffice.org fix vulnerability, and a few other bugs security
[ MDVSA-2008:138 ] - Updated OpenOffice.org packages fix vulnerability security
Re: Unauthorized reading confirmation from Outlook Alexander Klink
Local information disclosure in WeFi Client v3.3.3.0 XiaShing
Insomnia : ISVA-080709.1 - Microsoft SQL Server - Corrupt Backup File Heap Overflow Brett Moore
[SECURITY] [DSA 1606-1] poppler packages fix execution of arbitrary code Steve Kemp
rPSA-2008-0218-1 ruby rPath Update Announcements
Microsoft DNS patch KB951748 incompatible with Zonealarm Pages-Web.com - Services internet

Thursday, 10 July

[ GLSA 200807-05 ] OpenOffice.org: User-assisted execution of arbitrary code Pierre-Yves Rofes
[ MDVSA-2008:139 ] - Updated BIND packages fix critical DNS vulnerability security
Context IS Advisory - MS08-39 OWA XSS Context IS - Disclosure
[ MDVSA-2008:142 ] - Updated ruby packages fix vulnerabilities security
Nessus plugins for recent MS Bulletins Chandrashekhar B
Re: Microsoft DNS patch KB951748 incompatible with Zonealarm FIXED davee1
gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability Ghost hacker
[ GLSA 200807-07 ] NX: User-assisted execution of arbitrary code Robert Buchholz
phpuserbase 1.3 (menu) Remote File Inclusion Vulnerability Ghost hacker
rPSA-2008-0223-1 poppler rPath Update Announcements
[ GLSA 200807-06 ] Apache: Denial of Service Robert Buchholz
London DEFCON July meet - DC4420 - Thursday 10th July (today!) alien
[ MDVSA-2008:141 ] - Updated ruby packages fix vulnerabilities security
[ MDVSA-2008:140 ] - Updated ruby packages fix vulnerabilities security

Friday, 11 July

iDefense Security Advisory 07.09.08: Novell eDirectory LDAP Search Request Heap Corruption Vulnerability iDefense Labs
Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method mcalautt
[ MDVSA-2008:143 ] - Updated pidgin packages fix MSN protocol handler vulnerability security
ZDI-08-041: Novell eDirectory dhost Integer Overflow Code Execution Vulnerability zdi-disclosures
[SECURITY] [DSA 1607-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff
[ GLSA 200807-08 ] BIND: Cache poisoning Matthias Geerdsen
[NETRAGARD SECURITY ADVISORY][Apple Core Image Fun House <= 2.0 OS X -- Arbitrary Code Execution][NETRAGARD-20080711] Netragard Security Advisories
RE: New Paper: More than 600 million users surf at high risk Jeff Martin

Saturday, 12 July

[ MDVSA-2008:138-1 ] - Updated OpenOffice.org packages fix vulnerability security
[ MDVSA-2008:144 ] - Updated openldap packages fix slapd DoS vulnerability security
Re: Microsoft DNS patch KB951748 incompatible with Zonealarm jgable
Re: Microsoft DNS patch KB951748 incompatible with Zonealarm Steve Shockley
Re: New Paper: More than 600 million users surf at high risk Rob Thompson

Monday, 14 July

Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm nelsrob
[SECURITY] [DSA 1608-1] New mysql-dfsg-5.0 packages fix authorization bypass Devin Carraway
Simple DNS Plus 5.0/4.1 < remote Denial of Service exploit Rotem-BugSec
Pluck Local File inclusion admin
FreeBSD Security Advisory FreeBSD-SA-08:06.bind FreeBSD Security Advisories
DeepSec 2008 - Last call for submissions DeepSec Conference Vienna
Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method ProCheckUp Research
Yuhhu Pubs Black Cat Remote SQL Injection Exploit RM-x

Tuesday, 15 July

CFP now open for ClubHack2008 - India ClubHack
HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040 security-alert
[USN-624-1] PCRE vulnerability Kees Cook
[ MDVSA-2008:145 ] - Updated bluez/bluez-utils packages fix SDP packet parsing vulnerability security
[SECURITY] [DSA 1609-1] New lighttpd packages fix multiple DOS issues Steve Kemp
[SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code Steve Kemp

Wednesday, 16 July

[SECURITY] [DSA 1569-3] New cacti packages fix regression Thijs Kinkhorst
[ GLSA 200807-09 ] Mercurial: Directory traversal Tobias Heinlein
iDefense Security Advisory 07.15.08: Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability iDefense Labs
iDefense Security Advisory 07.15.08: Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability iDefense Labs
iDefense Security Advisory 07.15.08: Oracle Database Local Untrusted Library Path Vulnerability iDefense Labs
[ MDVSA-2008:146 ] - Updated poppler packages fix arbitrary code execution vulnerability security
[security bulletin] HPSBMA02346 SSRT080097 rev.1 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access security-alert
Oracle Application Server PLSQL injection flaw David Litchfield
Re: Re: Microsoft DNS patch KB951748 incompatible with Zonealarm dwg5901
Arbitrary code execution in Netrw version 127, Vim 7.2b Jan Minář
[security bulletin] HPSBMA02133 SSRT061201 rev.9 - HP Oracle for OpenView (OfO) Critical Patch Update security-alert
[ MDVSA-2008:147 ] - Updated pcre packages fix vulnerability security
[ECHO_ADV_100$2008] Comdev Web Blogger <= 4.1.3 (arcmonth) Sql Injection Vulnerability adv
[DSECRG-08-028] File read in Velocity web-server Alexandr Polyakov
[SECURITY] [DSA 1544-2] New pdns-recursor packages fix predictable randomness Florian Weimer
n.runs-SA-2008.002 - F-Prot Out-of-Bound Memory Access DoS (remote) security
openPro 1.3.1 (LIBPATH) Remote RFI Vulnerability Ghost hacker
rPSA-2008-0035-1 httpd mod_ssl rPath Update Announcements
IETF Internet-Draft on TCP Port randomization Fernando Gont
[SECURITY] [DSA 1611-1] New afuse packages fix privilege escalation Thijs Kinkhorst

Thursday, 17 July

[security bulletin] HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert
ekoparty security trainings (2008) announcement ekoparty
[DSECRG-08-029] Local File Include in Dokeos E-Learning System 1.8.5 Digital Security Research Group
HPSBMA02346 SSRT080097 rev.2 - HP Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access security-alert
Oracle Portal XSS fixed by CPU July 2008 Andrea Purificato
[USN-623-1] Firefox vulnerabilities Jamie Strandboge
communitycms-0.1 Remote File Includion n3tr00t3r
ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability zdi-disclosures
ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow zdi-disclosures
ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability zdi-disclosures

Friday, 18 July

Security Vacation Guide Pete Herzog
Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář
Def_Blog 1.0.3 Multiple Remote SQL Injection Vulnerabilities tan_prathan
[ MDVSA-2008:148 ] - Updated Firefox packages fix vulnerabilities security
Lateral SQL Injection Revisited - No Special Privs Required David Litchfield
[ISecAuditors Security Advisories] SmbClientParser Perl module allows remote command execution ISecAuditors Security Advisories
Re: Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Nikolai Weibull
[DSECRG-08-030] Claroline 1.8.9 Multiple Security Vulnerabilities Digital Security Research Group [DSecRG]
Windows Vista Power Management & Local Security Policy Abe Getchell
Re: Lateral SQL Injection Revisited - No Special Privs Required a . polyakov

Saturday, 19 July

[security bulletin] HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning security-alert
rPSA-2008-0231-1 bind bind-utils rPath Update Announcements
Oracle Database Local Untrusted Library Path Vulnerability Joxean Koret
RE: Lateral SQL Injection Revisited - No Special Privs Required David Litchfield
RE: Windows Vista Power Management & Local Security Policy Jim Harrison
RE: Windows Vista Power Management & Local Security Policy Abe Getchell

Monday, 21 July

Easybookmarker 40tr Xss Vulnerability By Khashayar Fereidani irancrash
[ MDVSA-2008:149 ] - Updated mysql packages fix vulnerabilities security
Re: Oracle Database Local Untrusted Library Path Vulnerability jmpascual
EasyPublish 3.0tr Multiple Vulnerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) irancrash
RE: Windows Vista Power Management & Local Security Policy Thor (Hammer of God)
Easyecards 310a Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) By Khashayar Fereidani irancrash
[ MDVSA-2008:150 ] - Updated mysql packages fix vulnerabilities security
Maran PHP Blog Xss By Khashayar Fereidani irancrash
EMC Dantz Retrospect 7 backup Client PlainText Password Hash Disclosure Vulnerability zhliu
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 Remote Memory corruption Vulnerability zhliu
Vulnerability CVE-2008-3671 - MyReview's vulnerability in the access control system Julien Thomas
Easydynamicpages 30tr Multipe Vulerabilities ( Xss / Sql Injection Exploit / File Disclosure Exploit ) irancrash
EZWebAlbum (dlfilename) Remote File Disclosure Vulnerability Ghost hacker
RE: Windows Vista Power Management & Local Security Policy Abe Getchell
MyBlog <=0.9.8 Multiple Vulnerabilities admin
RE: Windows Vista Power Management & Local Security Policy Jim Harrison
RE: Windows Vista Power Management & Local Security Policy Abe Getchell
Vim: Improper Implementation of shellescape()/Arbitrary Code Execution Jan Minář
FGA-2008-16: EMC Dantz Retrospect 7 backup Client 7.5.116 NULL-Pointer reference Denial of Service Vulnerability zhliu
[DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1 Digital Security Research Group [DSecRG]
Re: Pwnie Awards 2008 David Litchfield
Flip V3.0 final Cru3l . b0y
Re: SchoolCenter URL Handling Cross Site Scripting Vulnerability Tester
[White Paper] Abusing HTML 5 Structured Client-side Storage Alberto Trivero
[SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities Moritz Muehlenhoff
E-Mail header Injection in HiFriend Peter Wiesen
[ GLSA 200807-10 ] Bacula: Information disclosure Pierre-Yves Rofes
[ GLSA 200807-11 ] PeerCast: Buffer overflow Pierre-Yves Rofes

Tuesday, 22 July

Re: [ GLSA 200807-10 ] Bacula: Information disclosure dan
NULL pointer in ZDaemon 1.08.07 Luigi Auriemma
[ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability security
Vulnerability: SocialEngine (SocialEngine.net) high risk security flaw Tim Loshak
[ GLSA 200807-12 ] BitchX: Multiple vulnerabilities Pierre-Yves Rofes
[security bulletin] HPSBMA02346 SSRT080097 rev.3 - HP OpenView Select Identity Active Directory Bidirectional LDAP Connector, Remote Unauthorized Access security-alert
FGA-2008-16: EMC Dantz Retrospect 7 backup Server Authentication Module Weak Password Hash Arithmetic Vulnerability zhliu
[SECURITY] [DSA 1613-1] new libgd2 packages fix multiple vulnerabilities Devin Carraway
[DSECRG-08-032] Claroline 1.8.10 Multiple XSS Vulnerabilities Digital Security Research Group [DSecRG]
PR08-13: Persistent Cross-site Scripting (XSS) on Moodle via blog entry title ProCheckUp Research
PR08-15: Several Webroot Disclosures on Moodle ProCheckUp Research
PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page ProCheckUp Research
[USN-627-1] Dnsmasq vulnerability Jamie Strandboge
Outpost Security Suite Pro ver. 2009 Multiple vulnerabilities jplopezy
RE: Windows Vista Power Management & Local Security Policy James C. Slora Jr.
RE: Windows Vista Power Management & Local Security Policy Jim Harrison

Wednesday, 23 July

[ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability security
AST-2008-010: Asterisk IAX 'POKE' resource exhaustion Asterisk Security Team
AST-2008-011: Traffic amplification in IAX2 firmware provisioning system Asterisk Security Team
RE: Windows Vista Power Management & Local Security Policy Abe Getchell
RE: Windows Vista Power Management & Local Security Policy Good Securitypractice
[SECURITY] [DSA 1540-3] New lighttpd packages fix regression Thijs Kinkhorst
Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim Jan Minář
[USN-628-1] PHP vulnerabilities Jamie Strandboge
[SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities Moritz Muehlenhoff
[SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff
Re: Wordpress Malicious File Execution Vulnerability otto
[ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability security

Thursday, 24 July

CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit I)ruid
[SECURITY] [DSA 1616-1] new clamav packages fix denial of service Devin Carraway
[ MDVSA-2008:154 ] - Updated xemacs packages fix vulnerability security
[Full-disclosure] [tool] SDT Cleaner 1.0 Nahuel C. Riva

Friday, 25 July

Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář
[USN-629-1] Thunderbird vulnerabilities Jamie Strandboge
Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz
[SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy Devin Carraway
Secunia Research: RealPlayer SWF Frame Handling Buffer Overflow Secunia Research
XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities azzcoder
ezContents CMS Renote File inclusion security
SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability advisories
Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Steven M. Christey
Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit Ganbold
Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Robert Buchholz
Re: [bugtraq] Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Tuc at T-B-O-H.NET
ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability zdi-disclosures
http://www.zerodayinitiative.com/advisories/ZDI-08-046 zdi-disclosures
ZDI-08-047: RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability zdi-disclosures

Saturday, 26 July

[SECURITY] [DSA 1616-2] New clamav packages fix denial of service Devin Carraway
[ MDVSA-2008:155 ] - Updated Thunderbird packages fix multiple vulnerabilities security
[SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities Moritz Muehlenhoff
Re: [Full-disclosure] Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution Jan Minář

Monday, 28 July

[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing Devin Carraway
[SECURITY] [DSA 1620-1] New python2.5 packages fix several vulnerabilities Moritz Muehlenhoff
how to request a cve id? xpzhang
[ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities security
[SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities Moritz Muehlenhoff
Security Bypass Vulnerabilities AXESSTEL Bboyhacks
[DSECRG-08-033] Local File Include Vulnerability in Pixelpost 1.7.1 Digital Security Research Group [DSecRG]
Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations [ISR] - Infobyte Security Research
[security bulletin] HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe Builder, Remote Denial of Service (DoS) security-alert
JamRoom <= 3.3.8 Authentication Bypass GulfTech Security Research
RE: Windows Vista Power Management & Local Security Policy Greg
Re: how to request a cve id? Steven M. Christey
Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02 supportrup
ViArt <= 3.5 SQL Injection GulfTech Security Research
Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100 Fabian Fingerle

Tuesday, 29 July

iDefense Security Advisory 07.28.08: Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability iDefense Labs
[ MDVSA-2008:156 ] - Updated libpng packages fix vulnerability security
[USN-626-1] Firefox and xulrunner vulnerabilities Jamie Strandboge
rPSA-2008-0236-1 httpd mod_ssl rPath Update Announcements
PhpJobScheduler 3.1 Remote File Inclusion Vulnerability Ghost hacker
rPSA-2008-0238-1 firefox rPath Update Announcements
rPSA-2008-0237-1 tshark wireshark rPath Update Announcements
[USN-631-1] poppler vulnerability Kees Cook
plugin Rss Remote File Inclusion Vulnerability Ghost hacker
VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix VMware Security team
[DSECRG-08-034] Local File Include Vulnerability in Minishowcase v09b136 Digital Security Research Group [DSecRG]
rPSA-2008-0235-1 fetchmail fetchmailconf rPath Update Announcements
Gregarius <= 0.5.4 SQL Injection GulfTech Security Research
n.runs-SA-2008.004 - AVG Anti-Virus Divide by Zero - DoS (remote) security
[USN-630-1] ffmpeg vulnerability Kees Cook
Remote Cisco IOS FTP exploit Andy Davis
Re: E-Mail header Injection in HiFriend Adrian Pastor
[ MDVSA-2008:157 ] - ffmpeg security

Wednesday, 30 July

shoutbox Remote Database Dawnload Exploit Ghost hacker
Cisco IOS shellcode explanation Andy Davis
HIOX Star Rating System 1.0 Remote File Inclusion Vulnerability Ghost hacker
Memory corruption and NULL pointer in Unreal Tournament III 1.2 Luigi Auriemma
RE: Remote Cisco IOS FTP exploit Paul Oxman (poxman)
HIOX Random Ad 1.3 (hioxRandomAd.php hm) RFI Vulnerability Ghost hacker
HIOX Browser Statistics 2.0 Remote File Inclusion Vulnerability Ghost hacker
NULL pointer in Unreal Tournament 2004 v3369 Luigi Auriemma
MJGuest 6.8 GT Cross Site Scripting Vulnerability irancrash
RealNetworks RealPlayer ActiveX Illegal Resource Reference Vulnerability cocoruder
Tool: PorkBind Nameserver Security Scanner super
Cisco IOS shellcode explanation - additional Andy Davis
[ MDVSA-2008:158 ] silc-toolkit security
DEV WMS Multiple Vulnerabilities irancrash
Citrix MetaFrame Privilege Escalation Wendel Guglielmetti Henrique

Thursday, 31 July

[ MDVSA-2008:159 ] licq security
[oCERT-2008-009] libxslt heap overflow Andrea Barisani
Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow Secunia Research
[security bulletin] HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager (SAM), Unintended Remote Access security-alert
[SECURITY] [DSA 1622-1] New newsx packages fix arbitrary code execution Thijs Kinkhorst
Pligg <= 9.9.0 Multiple Vulnerabilities GulfTech Security Research
Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows Secunia Research
[~] Greetz : Me93fg & Mr.SaFa7 Ghost hacker
iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability iDefense Labs
[ GLSA 200807-13 ] VLC: Multiple vulnerabilities Pierre-Yves Rofes
[ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code Pierre-Yves Rofes
[SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning Moritz Muehlenhoff
[ GLSA 200807-14 ] Linux Audit: Buffer overflow Pierre-Yves Rofes
[SECURITY] [DSA 1624-1] New libxslt packages fix arbitrary code execution Moritz Muehlenhoff